| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: allow building trusted languages without the untrusted versions |
| Date: | 2022-05-23 18:20:02 |
| Message-ID: | 1306838.1653330002@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Nathan Bossart <nathandbossart(at)gmail(dot)com> writes:
> That's a reasonable point. I'll go ahead an explore some options for
> something along those lines. A couple of questions immediately come to
> mind. For example, should this configuration option just cause these
> functions to ERROR, or should it compile them out?
Letting them be present but throw error is likely to be far less
painful than the other way, because then you don't need a separate
set of SQL-visible object definitions. You could, in fact, imagine
jacking up an existing database and driving a set of locked-down
binaries under it --- or vice versa. If there have to be different
versions of the extension SQL files for the two cases then everything
gets way hairier, both for developers and users.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Bossart | 2022-05-23 18:34:57 | Re: allow building trusted languages without the untrusted versions |
| Previous Message | Nathan Bossart | 2022-05-23 17:38:05 | Re: allow building trusted languages without the untrusted versions |